Re: [OE-core] [thud][PATCH v5] gcc: Security fix for CVE:
On 9/19/19 8:07 PM, Muminul Islam wrote: > Signed-off-by: Muminul Islam > --- > meta/recipes-devtools/gcc/gcc-8.2.inc | 3 + > .../gcc/gcc-8.2/CVE-2019-15847_p1.patch | 223 ++ > .../gcc/gcc-8.2/CVE-2019-15847_p2.patch | 47 > .../gcc/gcc-8.2/CVE-2019-15847_p3.patch | 38 +++ > 4 files changed, 311 insertions(+) > create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p1.patch > create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p2.patch > create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p3.patch This patch finally got into a build as it needed to be in master and warrior first. i am seeing this error. Can you confirm I have the correct patch. I believe its released to th p1 patch. | g++ -isystem/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/include -O2 -pipe -DIN_GCC -DCROSS_DIRECTORY_STRUCTURE -fno-exceptions -fno-rtti -fasynchronous-unwind-tables -W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual -Wmissing-format-attribute -Woverloaded-virtual -pedantic -Wno-long-long -Wno-variadic-macros -Wno-overlength-strings -DHAVE_CONFIG_H -DGENERATOR_FILE -fno-PIE -static-libstdc++ -static-libgcc -L/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/lib -L/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/lib -Wl,-rpath-link,/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/lib -Wl,-rpath-link,/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/lib -Wl,-rpath,/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/lib -Wl,-rpath,/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/lib -Wl,-O1 -no-pie -o build/genenums \ | build/genenums.o build/read-md.o build/errors.o ../build-x86_64-linux/libiberty/libiberty.a | build/genmddeps ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/common.md ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/config/rs6000/rs6000.md > tmp-mddeps | /bin/bash ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../move-if-change tmp-mddeps mddeps.mk | echo timestamp > s-mddeps | build/genconstants ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/common.md ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/config/rs6000/rs6000.md \ | > tmp-constants.h | /bin/bash ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../move-if-change tmp-constants.h insn-constants.h | echo timestamp > s-constants | build/genenums ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/common.md ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/config/rs6000/rs6000.md \ | > tmp-enums.c | /bin/bash ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../move-if-change tmp-enums.c insn-enums.c | echo timestamp > s-enums | g++ -c -isystem/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/include -O2 -pipe -DIN_GCC -DCROSS_DIRECTORY_STRUCTURE -fno-exceptions -fno-rtti -fasynchronous-unwind-tables -W -Wall -Wno-narrowing -Wwrite-strings -Wcast-qual -Wmissing-format-attribute -Woverloaded-virtual -pedantic -Wno-long-long -Wno-variadic-macros -Wno-overlength-strings -DHAVE_CONFIG_H -DGENERATOR_FILE -fno-PIE -I. -Ibuild -I../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc -I../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/build -I../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../include -I../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../libcpp/include -isystem/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/gcc-cross-initial-powerpc/8.2.0-r0/recipe-sysroot-native/usr/include \ | -o build/gencheck.o ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/gencheck.c | /bin/bash ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/../move-if-change tmp-gtype.state gtype.state | build/gengtype \ | -r gtype.state | In file included from ./tm.h:23:0, | from ../../../../../../../work-shared/gcc-8.2.0-r0/gcc-8.2.0/gcc/gencheck.c:23: | ./insn-constants.h:377:3: error: expected identifier before numeric constant | 75 = 320, | ^ | ./insn-constants.h:377:3: error: expected ‘}’ before numeric constant | ./insn-constants.h:377:3: error: expected unqualified-id before numeric constant | ./insn-constants.h:404:1: error: expected
[OE-core] [thud][PATCH v5] gcc: Security fix for CVE:
Signed-off-by: Muminul Islam
---
meta/recipes-devtools/gcc/gcc-8.2.inc | 3 +
.../gcc/gcc-8.2/CVE-2019-15847_p1.patch | 223 ++
.../gcc/gcc-8.2/CVE-2019-15847_p2.patch | 47
.../gcc/gcc-8.2/CVE-2019-15847_p3.patch | 38 +++
4 files changed, 311 insertions(+)
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p1.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p2.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p3.patch
diff --git a/meta/recipes-devtools/gcc/gcc-8.2.inc
b/meta/recipes-devtools/gcc/gcc-8.2.inc
index 866a77558b..65fd29d943 100644
--- a/meta/recipes-devtools/gcc/gcc-8.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-8.2.inc
@@ -70,6 +70,9 @@ SRC_URI = "\
file://0039-Fix-for-testsuite-failure.patch \
file://0040-Re-introduce-spe-commandline-options.patch \
file://0041-ARC-fix-spec-gen.patch \
+ file://CVE-2019-15847_p1.patch \
+ file://CVE-2019-15847_p2.patch \
+ file://CVE-2019-15847_p3.patch \
${BACKPORTS} \
"
BACKPORTS = "\
diff --git a/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p1.patch
b/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p1.patch
new file mode 100644
index 00..6e73564266
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-15847_p1.patch
@@ -0,0 +1,223 @@
+From eebe740f9142ee15bd997c480df0e1f61ac6ffd1 Mon Sep 17 00:00:00 2001
+From: segher
+Date: Fri, 30 Aug 2019 14:15:39 +
+Subject: [PATCH] Backport from trunk 2019-08-22 Segher Boessenkool
+
+Reply-To: muis...@microsoft.com
+
+ PR target/91481
+ * config/rs6000/rs6000.md (unspec): Delete UNSPEC_DARN, UNSPEC_DARN_32,
+ and UNSPEC_DARN_RAW.
+ (unspecv): New enumerator values UNSPECV_DARN, UNSPECV_DARN_32, and
+ UNSPECV_DARN_RAW.
+ (darn_32): Use an unspec_volatile, and UNSPECV_DARN_32.
+ (darn_raw): Use an unspec_volatile, and UNSPECV_DARN_RAW.
+ (darn): Use an unspec_volatile, and UNSPECV_DARN.
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-8-branch@275181
138bc75d-0d04-0410-961f-82ee72b054a4
+Signed-off-by: Muminul Islam
+
+CVE: CVE-2019-15847
+
+Upstream-Status: Backport
+---
+ gcc/config/rs6000/rs6000.md | 169
+ 1 file changed, 169 insertions(+)
+
+diff --git a/gcc/config/rs6000/rs6000.md b/gcc/config/rs6000/rs6000.md
+index 60058814b8a..f540b033541 100644
+--- a/gcc/config/rs6000/rs6000.md
b/gcc/config/rs6000/rs6000.md
+@@ -136,6 +136,9 @@
+UNSPEC_LSQ
+UNSPEC_FUSION_GPR
+UNSPEC_STACK_CHECK
++ UNSPEC_CMPRB
++ UNSPEC_CMPRB2
++ UNSPEC_CMPEQB
+UNSPEC_FUSION_P9
+UNSPEC_FUSION_ADDIS
+UNSPEC_ADD_ROUND_TO_ODD
+@@ -162,6 +165,9 @@
+UNSPECV_EH_RR ; eh_reg_restore
+UNSPECV_ISYNC ; isync instruction
+UNSPECV_MFTB ; move from time base
++ UNSPECV_DARN ; darn 1 (deliver a random number)
++ UNSPECV_DARN_32; darn 2
++ UNSPECV_DARN_RAW ; darn 0
+UNSPECV_NLGR ; non-local goto receiver
+UNSPECV_MFFS ; Move from FPSCR
+UNSPECV_MTFSF ; Move to FPSCR Fields
+@@ -14602,6 +14608,169 @@
+"xscmpuqp %0,%1,%2"
+ [(set_attr "type" "veccmp")
+(set_attr "size" "128")])
++
++;; Miscellaneous ISA 3.0 (power9) instructions
++
++(define_insn "darn_32"
++ [(set (match_operand:SI 0 "register_operand" "=r")
++(unspec_volatile:SI [(const_int 0)] UNSPECV_DARN_32))]
++ "TARGET_P9_MISC"
++ "darn %0,0"
++ [(set_attr "type" "integer")])
++
++(define_insn "darn_raw"
++ [(set (match_operand:DI 0 "register_operand" "=r")
++(unspec_volatile:DI [(const_int 0)] UNSPECV_DARN_RAW))]
++ "TARGET_P9_MISC && TARGET_64BIT"
++ "darn %0,2"
++ [(set_attr "type" "integer")])
++
++(define_insn "darn"
++ [(set (match_operand:DI 0 "register_operand" "=r")
++(unspec_volatile:DI [(const_int 0)] UNSPECV_DARN))]
++ "TARGET_P9_MISC && TARGET_64BIT"
++ "darn %0,1"
++ [(set_attr "type" "integer")])
++
++;; Test byte within range.
++;;
++;; The bytes of operand 1 are organized as xx:xx:xx:vv, where xx
++;; represents a byte whose value is ignored in this context and
++;; vv, the least significant byte, holds the byte value that is to
++;; be tested for membership within the range specified by operand 2.
++;; The bytes of operand 2 are organized as xx:xx:hi:lo.
++;;
++;; Return in target register operand 0 a value of 1 if lo <= vv and
++;; vv <= hi. Otherwise, set register operand 0 to 0.
++;;
++;; Though the instructions to which this expansion maps operate on
++;; 64-bit registers, the current implementation only operates on
++;; SI-mode operands as the high-order bits provide no information
++;; that is not already available in the low-order bits. To avoid the
++;; costs of data widening
